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(57) mm^ 

i^ExCO^Bf-SfitLry ■;'-fe-yEv(Ex(c))?:f1^'3. C© 
^ -;.-fe-i>EvCExCc))^j*ftffllJCCjlS„ jlfifPlBi^O 
fit!«©S?iE+-^fg-:>r^©^ -fe-i^EvCExCc))^*? 
iELrDxCEv(ExCc)))=Ev(c)^l1;'3, C©y ■^/Hz-^'Ev 

ic)^^mm<^m^. smmc*. g^*^'e-©^-;'-fe-->= 

©SW©SH^-CS,S^c^«. i^^i#©^K=^^"Dy 
^ffi-or^©^ •i'-fe->^*SSKL'rDy(EvCc))=c?:f'P 

13 , i^!&^-e©y -y ■fe-i^©@a<j©sm^-c«:^c 
sm^Kiio. SB(#*^i^i#©<siK+-Dy^ffi 



(51) Intel.' aSiJfB# 
H 0 4 Q 7/38 
H 0 4 L 9/30 




C2) 

1 

[ ft*ii 1 ] ^^^c < i 1 -o(Dmim t mmD^mm 
mmt^-t^m'o mx-.mi mmmicisi,>xmmm i 

r ® 2 y 42 i^^f'F : ItrlB® 2 ^ 7 -b i^^luf 

y\2-^iy^m ■ ffrtBHa ^ ■yi^-'J^mB(D'ptj:< t 

i> 1 o©s»jf ?t)^6Miaii 1 mmm^cm^ : tuiB^ i # 
KiMtcfci^TMiail 1 ^l«jM©»M=^^-^M<.^rlulB» 

A^y-k- 'J=tm^im 1 ^KlM*^ 6fflfiB©il>^C < i 1 
-^©KiiMKsID : HfifB^4^ •yk-iy^mM<0'J>tj:< 
i 1 o©aiiM*^ etfrlBS 2 D ; tulB^ 2 

#t(i^(c te I i-cifriBH 2 #itiji©t?iii^ - ?r ffli ^ Tfjia 
H 4 y 7 " >5 L -CmMW I "j-t-v^mm 

[ft *a 2 ] HfinLi® I mmmm^-mmmt^ 

xm 1 m^^nxiPhmt^m 1 mimomm^-^^cy 
mii^mmmhxmm^m^n^ctifi. mriB^i^ 
«iM©)g^^-^HfrfBy ■?-f2-y(ciafflLTS2tem^ 
f#r j!)^ 6 friB^ 2 ^nmov^mt^ - >&BuiB^ 2 ifestc 

^AmLxmimmm-^nnh c t iisi^r * ^ j; ^ jctg 

[ff^iisj wmmimnm^c-io^^x^mtTkmm 30 

5 fif 7- 1 T;1/ 3 'J X A tC {if r ff ^ 

ti. wmm2mnmcisi>x^mt-Bi.mw.^'iTowm 

S!ii-rsit^iMiKtBiS©^ffi„ 
[lt^Ji4 ] MtBH 1 T;1/3 XABR S A§i©T;l' 

:f ; X A egg 0 . MIBS 2 r y X A a 7 1' >M© 

©^?£= 

[it*ii5 ] fffiBS 1 r;L'3 'JXAK7 t'>M©r;i' 
3';XA?5i6jaf3, tffaifr2TJL'3yXAKRSA3!i© 40 
t;V3 y X A:^):. p,)5Ss c i ^tf^mi-r ■Sit*iI3 tciaig 

©^a= 

[it*j|6 ] m 1 S!>'»2©^§M«g^^^saft 

ib:^s« : f«fB©ii 1 Rz>m2(Dm^mm&<D^'^icm 

m^-Ru^&mom^it^-^m^mx mnMim^ 
immcioi^xmnim 1 m^immm^mt^-^mi-^ 
xmi^ '^■i2-i>^^^mtbxm2^ -y-k-iy^iiir') ; 
mmm 2^v^- 'j^mmm 1 sisit ss*^ etgiBH 2 

Jal^fiSgtcjif] : HrrfaSl2i3^^figgfcfc(,^-rWiBll so 
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2 

23SSft»M©Bf#f[:+-^fflL^-rtfiiBll2 y i,i2-t; 

i>>£iiiB^ 2 s^<isg55^ mmm 1 jisit SMKji 

D : fjIBm 1 jUSfiSgJcfci^rlulB^ 1 sISfiSg© 

^^"^m^.^xmrnm ^ v^-^j^mmLxmA y 

mwti^hwmm2m^mmmimn mmm2m^im 
miciii^xmMm4j -y-ii-iyimmbxmmm 1 ^ 

m-. ^mcmnim 2 m^imm(Dmm^-Rm^^ 
m-u. mtim2m^imM:m§mt=^-%^ 
'jicmmbxm 1 fem^ff -rA^e-tuiB® 1 mmmmo 
mm=^-^^<Dm 1 ^mimmbxm.mmm^n?> c t 
ifi. toiiBm 1 m^m^m.omm^-^mtE^ v^^v^c 
jijl LTlff 2 es^ff r 6tuiBII 2 jl^ff SM©Bf ^ 
-*Mia» 2 LTMias^^$g:^.^f#2> c 

i i ^^r* S ^' 3 nr ^ ^ S c i ^!tta i -r § 
i|5}?fl6fciBt!«©:^?io 

^ilM^ff ^ iitBX r 1 7 Ji/ 3 y X A tc^ rtf 
bn. mrtB»2iilSMSgKfct^TBf-^{ba!>')SK^tf 
^ffiBxr y\m2r)\^d^) XAfcfi^o-cffbn-s c 
i^i|$aiTSif*iI6 tciB«©:^ao 
[ff^iig] BffiBSlirji'=fyXA»RSAS©r;i/ 
y X A eS . Hu IBH 2 r Ji- y X A w 7 1' > s© 
T 3 y X A*> c i i -r sii^Ji s kib^ 
©:^S„ 

[if^il 1 0 ] lulBII 1 T;i'd- y xa«7 t'>s©T 

jbnyXA^^^gSO. Bfnail2 7;t'nyXAttRSAM 
©7 ;V 3 y X A 6 )ig S C i ^i^m i -r S it^Ji 8 Kf B 
«©^ffi= 

[If ^11 1 1 ] mftB» 2 '^mmm-m 1 6 
sgf^ . mt^m 1 iis<tsgH» 1 mimiphm . 

jiftv-X r ABMtcll 2 Sltlf i » 2 ^IKiM i 0 . 

tfrtaT^iiisMtc : wmm i ^ -fe-i^^itifa^ i mtm 
i^^mt^m2mmm^cm trmm2mmmi^cioi^xm 
Mm2mim<Dmm=^-imi.^xmmmi -y-^-v^ 

^^mtbxm 5 ^ -fe-i^^f^ 0 ; tuiaSI 5 y •te'-v^ 

^wmm 2 mmwiip h mm% 2 &mfm t^cm'o ■,mmm2 
^W5micioi^xmim2^mom^m-^mi>xm 

nms^i y-^-i^im^itbxmG^ y-^-i^^i'^^ : 

tuiBSs y y^-'j^mim2^mmti^f>m^sm2mm 

MCciiO :iilBm2»ft!iMK*ii>riiiB®2»iM©« 
^^^-"4ffli^t:mriB®5^ ■:'42-i;^fl?MLT®7y 

Hz-i^^fpf? ; miimi ^ ■yi2-'jmtim2mmm^ 
e,mtim2mmmcm^ : mtEmzmmmcisi^xmm 
mzmmmommdr-^m^^xmMmi ^ y't-iy^m 



[0 0 0 n 

[0 0 0 2 ] 

^cMfiv- :x r A&CJ'f - - 1 ;k $:^ij|^§-c ^ -I, J: 9 4" -o r 
KUFSrtni/U:X7-2>^. -fy^fjn s- 1 3 6 

m^m^m (tdma) j^xt^a, sd^t^s^^jh s- 

Q b r'iy ii }inn^n^m. (CDMA) >';^rA^^ 
£i?„ 3-^-^/^•c■B. llttijififflEti (GSM) ri>$ 

"V'J^T-AttS 0 0 - 9 0 OMH zWtgffl-Ctllf'F-r-S.o 
fBAa{t'>^f A (PCS) ^i^^H-CilfiMM^n-C 
li|>o ^<©PCSi'J:^rA*n 8 0 0- 1 9 0 OMH 

[0 00 3] ±fBoafr>>^rAcDS'f? fc*}t,^-r. 

ft ^a^^fii-r 5 c i L I ^ c i *3 L L § „ 

^ n !i , I* X f A T ttf'p L T o s 2 -o<D^mm<DmT 

[0 0 0 4] AMPS^©T:^Oi'>'XrAi::ti. 

ft^ffi^fcb^^Wcc^jtf^citJ-cti^ct^^ HIS. m 

fSKAMPS-C'B, Bf-S^f[:B:^<ffbti-r, ^ttimiS 

»M i © rsi r e. ti s aft y -fe - asm 3 n fc (3 ff 
^sn/c^D 3nf#?>„ aft tcffim 3*1 SMigife 

ifiT . ^ c i fj: < {wjB^r iiff ^ f*^T ^> c i 

/O^-r-^S. C©«S©nJtlttB. AMPS^©T:^a^^~ 

>'>^f-A{cigo'oii/c 1 o©:T;fp-&^cSSt:'S)-3fco c 
©«^c^^s$nsnJ*gtt*5^>■sfc^?)^c. ampsmo>' 
;^7-Att«gfSK^ ■>-b-^:^^SSci?:-iJ^Si^^^ 

[0 0 0 5 ] Mimm^^mt urBt-^fftf-- t-x^ 

^t^GSM, I S- 1 3 6&c;i S-9 5^©iffOl.>X 

y57ji.>';^rA?53|fifSStiriiS„ c:*T.e.©7'i>^;i'>' 
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5 > ^r'ABfel^ilf fK^ > ^•A©tt®^f#o r Saff ft 

te^ffi -:. r y -fe ^Hf ^{ t-r C i *5 t s „ 
tf-tx (SMS) mm^ii'^r. iSv'jxf A©fft-^{t 

TJl^d UXAKfif-orUf-^ftStiri^Sr+X -y-fe 
10 "V^iiSCi^^-CtSo 

[0 0 0 6 ] GSM. I S - 1 3 B, I S- 9 5->- 

;^rArB. Hg^t{S&:i— tf"-i>'XrAi©PBl©y 

■^•fe-e^i*ftJc>PfLr*i^©+"-fr 

^,^r^f^^^l. ^-o^^^-BJ^^^rAiaffr^:!— tf-i 

i^><f^Ai/5:WK^6tl-ri,i5„ CCVmMbXi^?>P 

csfi<iMcc'5iir©i'X7"A^Mt&B, f^^opcsji 

fg©SI?®i&?>ri>^?;l'*Ift, aP^iGSM, I S - 1 3 
6, aJcCn* I S-9 SKfcC^rJgS^n-Cl^^Bf-^fbR 

20 [ 0 0 0 7 ] G SM'Ctti^Xr A©>^•'^ U - ^^/j^i^Xr 
A©g-a— if--icJjnA^il5iyiJ^:>'.-'.-JU CS IM) 

tf^^ci(cj:-or«gffia7-oi2X^$ijfp-rs„ SI 
MB. a-tf->&sii?:&^LfcOSl^fcO-r'S©(Cffi5# 

FT?*^„ S I MB. tf-tcJi4#©. K i i 

PfBnS 1 2 8 tf-;; VOm^P^iMLXi,^?,. C(DK i 

B. mmt. Ht^{t+-©«ttii©s*©fci?)(cfigfcn 

So GSMTB. #:3.'-1f'-?:?tiILr-?-©i--tf'--(C 

30 Wi,t£;S©^ru?^iffit)tiS„ CCDWl^M-ftiZ^SO^m 
^ ^ - A X r A© g SSMf^tTf d i -C- # S . 

[0 0 0 8 ] GSM#iijii*ii53-©*-A>'XrAfKi 
fPLTl^Si*. a"1f"*i@^3>©HI^^»->^f AiSS 
S'J-T-/— ^^Kli'^rA^MIJ-f (international mobile 

system identity/temporary mobile system identitie 
s (iMSimisl) ) ?:M7K-r€>C itcJ;or i5>/&-5tircb 
§d>«:H)5 6d>KLfoft.. l^.i^XrAT:- 1 2 8 f-:- b©SL 

iURAND) f)Hfi&$nn0^mm<D3.-v''-<DK 

i ilSl^§tlT3 2 t'y H©)Sg (SRE S) 
40 C©it>'XrABRAND^I^SStlifK35|0. ISStt 
jiB^©:3.-1f'-©K 1 5&^6i^e#©SRE Sfa^ft 
^L. C©RAND^>'X7"AfCiif]R-ro ^>L^©2 
-3©SRES*5i)|ffl^5^i:e.B. ^©#Ki^B*i|^J-C* 

siiijBT3n.s„ Bf-tfb^^^-" Kc" ii'^^fcmc. m 

#«r«SlO*aMffl©W^tCfcl^TRANDSS>*K i ^ffi 
M-r -5 T ;u n y X A K J: 13 . i -> X r a i © FsI 

©afi©fc^©Bf-^iftf ^' H?ti^fi;jigi?n§„ ^©a. K 
c imm-cm^ummit^n "ifcmam^ti^. g s 

50 ACCtel^r^a— tf-©Sii355fffcnSi#tc. ^t^B 
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S-K. ^©>';:<rAfcRAND. S R E S &^>K c (Dffi 
[0 00 9] I S- 1 SeSD'I S-9 5©5IIS!RO'fft 

-^{t©^8iii^Ji«si^ Kiai-t:'* f5 . a G s m©»iii 
Sy^Bf-^fbo^iiil^JiifKri^So I s - 1 3 6 v-xf 

ASE>'I S-9 Bv-y^f-A-Cti. Bf i fEg©^ 
feWfflSn^o ^© I S - 1 3 6&^ I S - 9 5©^?£ 

#t()M(Colir©6 4 f-^ h©A^^"B->X7-A©t'^ 
U"-^?(cj;-:>r^?iS$n-S„ M^ttiM{<:ot^r©A+"- 
»^ ©iisijM©§T*^©* - A >- X f A i -e ©mM g 

Si^tt. A+-^iti^t,^ti*^effl©tiBiT-r- 

- A A © lSi:;^r 3 tl M'S r ( shar 
ed secret data (SSD) ) ?:FjfS©rJl'd'iJXAAi6 20 
f'PJiS-r^fc&tCffibn^o ^^tt^Kol^TCS S D 

a, !t:-A->;<rA©:i--^P"^r©^A?^!*&-r^c:i© 

•Ct^:i--"^-?-xT • 7"a hnjl' (an over tine airpno 
tocol) OffifflCCj;or^©^«ll^©A+-j!i^e.^»IW 

[0010] I S- 1 3 6SJ>"I S-9 5©iiiiiR^;Bf 
-^{tr«. 3 2 t'.? h©)J:«ll?D'«W*5|^i^«I^©-tJ-" 

t* X X ij T X 7^ A rt-TFifSrHlPi?: fcl ^ T fl^/S 3 tlT 
fiS(;i3nSo ^idlf ^i^-Av-Xf ACC*3t,ir>'7srZx 

^©S S D:^^^ 1 8 K h©5BiS)J;g:^:itff-rS/cfefC 
lia©)Ai!S0?a*SKt^ES*sffiffl5nS„ ^©a, ^©» 
-e©^tt^ccoi^r©p?*>^; > Kii ?r^tf T 

i*6ni.„ ^©Ti'-fe;=^g*?:§cfas(^,i, ^-as^^^ 

•rAB)A±iPft>'}iKtS£>'^©^ltti^©S S D^ffioT^ 

tii#©tssfii^it»-rs= ttists^i, ^©^^tdii© 

S S D i , Pf * -i? > b fa?r#tfft!!©M»r- 5? i ©tLK 

Kj;-,r, -&©iittj^i?55*tirifc§i5iiS3tintf, ^ 

©SttifttSS$ti5„ 40 
[0 0 1 1 ] ^ttii^^PB^^tOv'Xf Ar-v-xf-ASi^ 

g4ffli^rK#tt^Ktei^rRs^«i^©s s 0*^6 1 8 

-i>3!)WttM*^6ISW5fe©i^X7-AKa6nS„ SSPfl 

5t©->;^f-At:©^0mi^7^'-fe><K'3l,i-t:{S, 7^742 

„ Ifit^tSg i )AiiP?£>'gl- W i BlS^lttM©* - A >- 7^ 
rAtcj5*e.n, iS^-Av'Xf Att^-©)3;;iiiif£>mi 

mmmmo s s d t r^^i i#©)[t;gffl^ti-»-r so 



^= lilSr&g^±^ibl5T€.CitcJ;or^©«tt)f^5 

;^f-AjcS6tiri*^KiM35W§ns„ ^s^ttM^^M 

t>?>mi^M$n^t^, Jift©ffilSlSSffliBf:^7'?> 
F i A^S#»)i*^6PfigStf«i i ^^fcRv-Xf-AKjl 

ti. g5)?*Lri.^S#KiiiK'3i^-r©ia'BStiri^.S>S 

A!i. swK-o s s umtimou^immiif t 
B. ^nit=^- • \-^imri>ttisbicmimmm» 

[0 0 12] GSM, I S- 1 3 eSy^I S-9 Sv-:^ 
r A -effiffl 5 ti 5 J; -5 ^^cJSflJtc t, ^ r ©M& S Wmtf f g 
t!)^" I E E EfflAiiffi " ©6 - 1 0 W© 1 9 9 5ip8 
f1-W©^'> • ■fz''^yicj:6" ffilAafgvX rAKtett 
^7 7>f^^i/-Ry£Stil!©fc!s5©R»j" il^^l^^ (th 
e article "Techniques for Privacy and Autiienticati 
on 1n Personal Comnuni cations Systems" by Dan Brow 
n in IEEE Personal Cotmuni cations, dated August 19 
95, at paqes 6-10 ) K^7K3nri=i-S„ 

[0 0 13] GSM, I S- 1 3 eSO^'I S-9 5i^;^ 

f-Azim $hz> bMomm - w^iiBjiff ©us 

Ctl^COmM^mo^X^K :i-1f-©A + -XttK 1 

tismtt6. ctiibommmmt. a-"if-©ss 

-0x1^6 ti^'j^mihiSi'on^, a"-tf-©K 1 

TC^Sa^1f^©KcXttSSD?:ff'gLfcA«, «S 

^r'«fflnj«er*s©r\ i^^^^Aoaii^^aLrij 
mLxi.^:^2'^(D^nmifimfi^^^\mmifi^comm, 

[0014] <ti^^-^mtijm\t, a-tf-^cci^H 

{t^^-^^fJiOSr^tiSwni^), Sfc^©a^tf-(c 
U jD^SP 6 n C ^ f£.S©»S^^- - 1> a If- ^ f c f rj e, 
n S j; ^ tc % o r t ^ ^, r '4 s „ a «© SfiilJ :i — 



(5) 



7 



cDSfiiij a -If- © Bf b - 4 fg o r Bf -sif t s nfc y 

Tjffitt. i?a;i«GSM, I S - 1 3 6, M^ltl S-9 

HSr^^jrafi^Mft-r ^ e: i ^ S „ lo 

[0015] a*©4ilf1+-Bi^lft#^S^fl!fflT^-f2^U 
7-'>;:^rA-CK. ^ttif XA^Bf-^lftSnfcy •:;-f2"->? 

^^mmicm^tt^t. ^mma. mhmY<Dtc 
§ n w n 6 t ^ r >; X A i ©i^:?^ 5 

C i hSmv$>6o . S*©i^lf1 + -Bt^ft73iS©Ctl 
[0016] 

So i^l!{iMTiS:^©«^clt»«?SCcB|igf)3!i3^S;&>feft] 

Kr Jl' d ') X A ^- -c y -7 -b • ■ V 4 f£.SsCC3<f^ L fc 
f#l.o #t!l4^©^ttli©5j^-^A>'Xf AWT^b 

3 y X A i ttM ?i s i ^3* i © T 3 y X A ^r^tf -r s 

/cist>©^©4 X f- A :t " >&5«^-C t, ^ -S -> X f- A 
K-e©#«)*©^tt^*^AOji^/^:it!^i:£■KB. ifSB 
©J: 5{c!t»M-rSSfr>&^At < ^'=i:.S*^l>an!^j:l^„ 

C©ii^, i'©#tt^'fc, ftoa— y-'-WT^l-ayXA 
t?Bt-f|-ft^tf ^ i i 4>fc^©^Klif ©a— ^f-©r;l'r3 

y XArl?i^^ff -5 c i:^3r§ftwti«^:6%(.^ri>^ 
•5„ ma, Bf-s^fb-rs/ci/jKffibtisrjbay XA 
^m^mt^m^itmmmrinmbmi^ni,^ 40 

SOitff«jS4i£l>^ i -r & 6 , ^©«^cgff ^SrSfc 
^©tiHUT'^S^^fcftlil&t,^. ^fc. !ftS©TJl':^y 
XA^^ff-rSfc&©n- KRE>'f^-^r^#s^tt^{Cia 

[0017] ■fe;l'^->'XrA-i::£:lf1+-Bf-?fftffi*ffi 
■£> C i ^ffiiE-r §fci*fcSlfHiiJ©SSi)lo353^fiiI'JS«lM 50 
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* 5 „ 5 a©/^|i^ -Bf ^{tffi-t'KBf 4|{t =^ - ^ 
©Bf 1 ■o©#Si)^KiattS-fi:S©ttffl«r* 

^>o^feSnti&t^ SffiJ©#»ii©+--*^fc L#f:?fKA 
#wtiK. j?ij;?.Wi3:SB=j?j:itc, ij);<^K^£;Drj^ftffl[j 

[0018] 

{tffi4ffiffl-rSMft->xf-AKfci^r«Sffiii^ -^^ -fe- 
iJ^iiS^S^tlffi-rSo C©^ffiK, a-tf^©Wig 
- © a— !f - ©iiS^S fc I ^ r ©^Jd e. s 
£:ii^c5j;^K*te3n€.„ c©^ffi«, :i— tf-© 

3*Sfigg*S^O:i"-!f "CDBi|-^{L/»Sr Jl^^f y XA 

Cil\t. !ffSlJ©>— ^>X?:jll^r 2-3©jl'g{f 

ggPHi-c^ 42 ^ i> ^ 3if^-r s c i K J; D Hff $ n 2> „ 
c ©^ffitt , mm^-mm ^ ms^uM^m^ m 
ji L . s^ttif t^^txmo-) 'm + - • Bff ^ \ t/mmr n 

3 y X A ©^?^?:^tf t: ^ J: -5 K „ C ©7ifi; rtt . 
fi*©&M+-Bf^fl:ffi©i«^©J; ^ KJ^SfiSB*3g 
W©SMfflfJ3iS^g©Bf t=^^ - i 7;!/ 3 y X A i ^ 

iiSftgg©tf-»»«S^#^© 1 ^©TJl'rf y XA 

[0019] C©*a«. §S!!&^^t,>5j:ailffl3!)5S<? 
M^cSjBf^jt/SiiTJbd' y XA^rffiffifS 2 o©^tt 

-i>-y--t:X (SMS) 7 bf-t:X^iJifii-rS©JcS 
AL-^o CCOy^mt. at»l:©it!|5WtC'J>&l^SS+"T 

y XA^ffi-or^Wsil^c tommicMi^mm 
^f^SJ;^Cc. aM4ff^2o©#«,Mffl-c^i.>B^«i 
M i a^M i © - ^ I. © f c Al-:> = 

sfc. 1 -^<D^mm*-^m<D^mmx\mirm^mm». 

K5tlg??F-§-^S^ (a secure authenticaticatnon snqnat 
ure ) €32lSfcS?)tCC©7?ffi^ffiffl-rSCi^>rtS„ 
[0 0 2 0] *?6fiH©^SII»iJrK. 2 ^©a— tf-" 

Rarseftsns^ -fe^i^c^V > h PHlBf^ft?£?5^^i>& 
< i ^ 1 o©Sitk^iffi|S[©#ttJii;|:WrSfiff v-x 

7"A©Sfl&^t?K^Kmffcn^cl^o #Kl^Ml©a- 
1f-{Ctt. ^i^itte.tlS (->X7-AfC^D^nS) Hf-^ 
{t+-Em 1 i#tt^M 1 Kfcl^T©^SD6n5j|fK+ 
-Bml tMm'Omribtli> (" lli^{t^^"Emx" S 

X A i -e © r JL- 3 y x A-r-fg^ § n s + -tt i © isf 

Jg-r. BP*i EmxBBi^ft+-ffi&ffiffl-rSBf4|{t/« 

sr;i'3yxAr*o. i)mx<,mm^-m^mm~r6 
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(i§mt/mmr fid >j XAVA?>) . ^mmuzoim 

tifim'Omxhti. CCr-Dml Em2 = Em2Dml 
X'S)i>. Dml Em2=Em2DmlB. *^&fCDml 
y'k'-iyticmm b'Aic E m 2 ^Sffl-T i 5 C i 
imtbl^C E m 2 =£yv(C Dm 1 ^r^ -y-fe-i^Ka^-r-S C 

6o tfc. M 1 WE m 1 iM 1 ©#Sl|©Bf ^ffb/HllKT 10 

jbd yXA (Ai) i4aor(,^s^cW-c-M< , M2!i 

Em2 iM2CD«)JlJCDfIt-^|ftr;l3 (A2) 

[0 02 1 ] ^mmu 1 ^}^o-rii^.:i-1f-3tilj^«)M 

it, -eoiifiy ■^-fe-yciJMHCteliTEm ISO^ 
A 1 *igi^rif-E|fb$nTy ■7-fe->;Em 1 (c) i^c 
MlttCOEml (c) ^rv-Xf AOSiiiiB 1 {C 
pI-5o SittiiB U*Em2 iA2 i^rffllsTEm 1 

(c) ^fff-^ltLty -;;-fe-i>Em2 (Em 1 (c) ) 20 
^imb. ^n^Ml fCjl(3H-r„ ;XKEm2 (Eml 

(c) ) ttMl K*3l^rDml&E>'A l^ffll^T^^S 
tl^o Dm 1 Em2 = Em2 Dm 1 t?$)'S©r, Dml 
^ffl(,irEm2 (Eml (c) ) ^^K-r-SiEm2 

(c) *3f#6n-5„ MlBEm2 (c) ?:B 1 fcj#§„ 
BUi. ^«J^M2*3#ftLTt,^§IS:fe5?:«fflT€>aift 
^B2(CEm2 (c) =£jg|§„ ;^ivKEm2 (c) S^tt 
2 Kjl^^nrSItlMM 2KJ;',rDm2 RLJ^A 2 T' 

filK^nr, #ttJiMi*^6^tt^M2{csi6nfcaft 

^ -:;42->Jc ilSSo 30 

[0 0 2 2 ] :^mmmommmv{t. z-^co^mmm 

S (->;^rAKa6n'S) Bf-^{b+-Emi 

Ml KteL^r©^^^6n?.M^+-Dml i*5fji3^r 

M 1 BBf^lt/WStT^L-d-yXAA 1 ^ffiffl-^ 
^^StiMM2 0ffiO>'Xf Aa-ff-tctt, 
6nSBf-S7ft^-Em2 SttiiM2{C*it.>r©.&?cD 
6nS»iE+-Dm2 i:^j3SiJi9Sr6tli.„ M2KBf-5f 

it:/ft?itTJi/3';XAA2 4«ffl-r^.o Sfc, v-y^rA 40 

©^Siii^BxtCt*. £;Mi^en.5>Bt^{t+-Eb X 

B x©J?^*5^pSfPm-- D b X i3&5fijf3 
tlh. #*WttT;l/n';XAAbxKSe^rHt-^{t/ 

fs^^tf^o si^{caM-r.ssite^Bxi#«) 

X i ©t,^-rn©>ftK-:)l^-C ^> D m x E b x = E b x 

[0 0 2 3 ] COWiWtCU. ^ttiMM 1 ^ffo-ri^s 

a—tf- ^?t)5s®{jiaaaft^ -fe-t; c ^^^wif m 20a 
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^Eml (c) tfj:i>. MlKCOEml (c) ^v-;^ 
f A©Saif B 1 icm?>. MtmB 1 be b ISC/Ab 
l^lHt^TEml (c) ^Bg-S|{tLr-^>:'i2->>Eb 1 
(Eml (c) ) ^Srfpf], ^n^MltCsl§„ Eb 1 
(Eml (c) ) B;^(:fcMHCfct,^rDmlR!>'Aml 
^m^^xmmSti^. DmlEb2 = Eb2Dmir* 
S©r% Dml^fflOTEbl (Eml ( c ) ) ^SfK 
-rSiEbl (c) A^ff6tlS„ i^CfCMl ttEb 1 
(c) ^BHmi>^ B 1 H, D b 1 :&[/A b 1 

•cEbi (c) mmb-cc^m. ^m0iM2t>Mm 

2iM2 i©raT?aMy -^-fe-iJc^Ml iBl i©ra 

C(Dm^. B2, Eb2, Db2SO'Ab2*5M 
K EmK DmlR!:>'Aml tcftt>i3. M2, Em 
2, Dm2R(y^Am2>03B 1 . Ebl, DblStJ'Ab 

[ 0 0 2 4] armmmm^mmmtmm-\ix 

[0025] 

fiSsnfcafii^:^rA 1 0 o©7'o-^ i'iat?*5a i^y^ 
rA 1 0 0 it. mmmB i Ri>*B 2, m^mism 1 4 

2, SDf^«J^MlR!:>'M2!&^6)ig^„ 2o©aM!^i 

2 -3©i^«i^i ^^^-r-s fe©i L.-rii:^3nr t^stf 
ni'fe. ix>^rAi 0 oaai tc^K3nri^sj;f3^i! 

^i, ^ 5*^J>^©Sit!lM^l ^ BSlttiM*> hm-oXi>XhJ: 

«tt^MlRC>'M2». M13J[J:M2©-i---'/--i 

ffi©#ttafsi©^. m^uzL- -v'-mMmimLA 
2 ccgiRs tifceissisi ©rsirw^aff ^ffiffi-r 
ttmig-e*or^>ctc^o #t!i^M 1 s^'m 2 a, ma 
ft^g^i^ttiE^^f^A^aL-cttfp-rs ^ 7- F y y 
M3>fa-^f^ti-©, v';^7-A 1 0 0(c-:5i^r©>'y; 
r A^MK^^^-o rttfp-r ^ c i ©t? t ^{fi©isttt©«« 

©#KiaMgBt?$.-or'fcJ:i^„ H^aitffll 4 2«, 

'xi^iti^mmm^m (pstn) , mm. mmm 

iR. St^v-Xr A 1 0 0 \HX(D^Wsm<D 1 -o<DM 

nm^^y^-^'5i-siri>%^7sTi. i o o©fci*©aig 
mmmmmvh'^x^^i.K v-xfAioorK. stt 
j^MiSDfM2KRF >;>i'4abr>';^f Ai o o© 
mmtm.mbmip>%^-:^7-j^ i o o©aji«H©*^ 

»t[iISCi*3-Ct-S>o 01-Ctt. #tt^MlS^'M2 
tt, ^ti^nRF'J>i'l 4 4SE>'1 4 6 4/M>rSift 
MB 1S:?>'B2 i-en^na{tL'rL^-!,fe©iLrm5 

nt:L=>-S„ v-Xf-AlOOH, RF y >i^4^YUT#K) 
m 1 S.afM2 iSitJf B l&OB 2 ioraltCri^^r;!^ 

o r Kifl; u r ^> j; I t'J^ JimiMiy 7- r a ©latt 

sowpKi&^Dr * i>(Dx. cc vt,m b < <<mm b 
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:f^-:^it. minmm]u^/mi-mm^^ {cTeiecotmuni 

cations Industry Association/Electronic Industry A 
ssociation (T I E/E IA))©IS-136. IS 

-9 5. RzfPcsiQoom^m^itGsummm 

[0 0 2 6 ] #SflJiM 1 tt. i^Xf-A 1 0 o(Dmtmt 
tlfch^ • H 1 0 4^S^Ori^^„ 10 

M 0 6 RF ?f *;l/iitl?S(y'"*©flk©i^:^7"A 

nm<D±mmi\'^mm-t s , aft ©sssa^iT ^ 

&K^>ffeii_-i-' h 1 1 2^^rJffl-r^Ci7:)ir#ao r 
-fJ^^'L- Y I I Ott. I'^aiwM I «:2.--f "fat^Wfl 20 

HI 1 2KJ;f3$lJfflI5n§o ^tt^M 2 B h 7>->-^-i- 
- • M 1 6. a-1f->f >^f-7 x-;^ 1 2 

0. ^a::--:, M 1 8. USar:.-^ H 2 4, SCJ^r 

M 1 (D^tJtS-r^-fei'i^ a XCOt^riSiiLfcCDilllD^ 

[0 0 2 7 ] mmm b i astt^ ifiEMt^?:^ o i f3 
t^fc^oryj-t 1 3 4(c|g^-$ti/c h ^>^>'-^^'- 
• i:^^:' F 1 3 6^^$ur:.^a„ B\mm:i~^vv 30 

1 3 8SD^'^!^lii^gl 4 0 4>^S-Lrc^^„ 

M 3 8 tt, ^mwi'^o:>m.wmm^ v't-v^i'v-m- 

■SiifeK. ^Saftffll 4 2i©-f>5f-7x-i/> 

Htf TSfci&CcMg^ 1 4 0 ^mmti> C i355t:-^ 
So SiiMB2Bb5>i^-^-f- • J^-';- b 1 2 8, r 
>f :^ 12 6. Wa:^ .7 M 3 OS^MSg 1 3 2 
^^#Lrfcf3. cn^B#^?SiiM B l©>rteTS.-b 40 

2 > K -o I, -r L fc «ti 4 ft o T I ^ S „ 
[0 02 8] :$^W© 1 ooHJtW-CB, Hf-^tStlfc 
^ y •fe->>^>';^f-A 1 0 0 Kteti-Cjitp-CSfKStl'S 
Cttj:< l-3©a-lf-":S:.f,ffe©a-lf-fcffi-rc:i3&5 

v';^ r Art©ll:t© 2 4< > b rHTC©*' ■{ > b ralMft* 

[ 0 0 2 9 ] ^-f > brsl^ -^-fe-yfesl^rS^tCff^fc 
&{C, 0 0©#SttJi^MxK, 50 
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Sffil;©2^StlJ^IMm£J'M2tco(,^r. DmlEm2 
BEm2 Dml i^L<i^i:WnB^c6^i:i,i, bipb. M 
1 SC>'M 2 ©§ ^ tc J; ffiffl S n fff -^t T =f V X A 
BSi^c-pTC^TfeJ^Oo MS 1©:!— tf-*5MS2©3. 

ri^-SiS, -^-fe-ycttMS KCfcl^rEm 1 

n.lfAm 1 -CHf^ftStirUf-^ft^ ■:'-t2-i>Em 1 

( c ) A^fP^tlSo MS 1 Be:©Em 1(c) ^v-Xr 
A©ttliJaB HCi2l-5o «iiMB lBEm2&C>*Am2 
?:fflUrEml (c) ^Bf-^tUry ■^i2-i?Em2 

(Eml U))ii^K). CtliUS licm^. 'AdCM 
S lBDmlS:?>'Aml?:fflt=i-rEm2 (Eml 

(c) ) ^SfKf-So DmlEm2 = Em2Dmir* 
^©T, Dml^mt^TEm2 (Eml (c) ) 
-rSiEm2 (c) mW^tl?). MS lttC©Em2 

( c ) *B 1 Kg^o BlBC©Em2 (c) MS 

SCEm2 (c) BMS 2Ki*r,ti.r, MS 2 tC j: -jT D 
m 2 ii^'^A m 2 'CMsiiStrC, M S 1 tC j; f3 MS 2 Kg 

[OO3O]£:£:-C02 ^#M-r.S i , *^Ba©IIS6« 

s= nwi bx. m 1 ©i^KiMM 1 mmmuz i©ra 

©B^-^fb^ ';'-i2-y|^j*©^>l:ffll,^rC©-7'n-fe;^?: 
iJiB^-rSJ&5, M l«^t;'>©TJL'd-'jXA (Rabin alqo 
rithm ) ^fgfflL, M2B^'f'<XF, i/+5;bSy'i 
-f FjI'-7> (RSA) ©TJl'dUXA (Rivest, Shamir 
and Adleman (RSA) alcprithtn) i^mt^, ^t;'>© 

r;i/3 y XAK'3t^r©^ffS^)iSBB3!)5. i 9 9 5^kc 

RCK<t«]TlKfSnfcX7--^ >V> (Stinson ) ©» 
^" Bf-^?£©ffll^i^K" ("Cryptography, Theory and 
Practice") © 1 4 3 - 1 4 8 HKIBtSSnri^l.^ R 

SArji'd'ijXAtc-oiiT©f¥ui^^iiS/&n 99 emc 

> • 7 1; • r > F • ■9->X' (John Wniey and S 
ons ) 75^6flJtf §nfcy>?^ (Lynch et al.) ©# 
®" ryi;;V-7;^-" ("Diqitai Money" ) ©7 6-8 

[0 0 3 1 ] mmmM l ©fcS)©+-|H»E m 1 RUD 

mi^^t*>©^Kee-3rstR-r-sci*5t:'t-5o ^ 

t:>©T;l'n';XAt?B. CO^J-CB, SJfJSnfcBtfS 
©mN^ffll^-C2o©»i{pSE>'q*5j»?Sn. cici-c 
pXq = N-CS)53. p =4 k 1 + 3-C$)0, q = 4k2 
+ 3t;ifef), C:©k mc;k2BSi^t:'ifeS„ NB&^« 

:^=ce)^cC^„ EmlBEml(c) = (c)'mod N 
tmmStl. DMIBDMI (c) =c^'' mod N 

ts«sti. c©cBiaianS'^#^-:'-fe"yr'* 



C8) 



13 



1 0 - 1 9 1 4 5 S 

14 



■So DM1 {c)^c''' ic-ol>xm<tcib!,c^ Mxl 

^x' =c mod pix' =c mod qi^S 

tp-^tcfjih^^. iSW^c'"'^ = bqxl + apx2 m 

[0 03 2] #»)iM2K'3t^Tcr)+-|lfiS!Em2. D 
m2^=y -^-^y-,}- ^ i^f SJl^SlLfi-f F.'l'V> (RS 
A) ©a^fC^e-jrajRt-^r l-^^TS-'-, F-^^ATIt 
2-3© (A^^C) «»p7iCKi in- '-e-til.-fi -I 10 
t?p Xq =N-C^.5„ C©^JgM-Ctt. M2©fci*©N 
«MlCDfcei?)CCffifcn-SNK^L-U„ ^nSJjKDmlE 
m2 = Dm2Eml tX.^^M'F^WctOifim^'C;^ 
Dm 1 Em2 =Em2 Dm 1 ■CS)-SPIO 

fia 2S^'b2*W?ti. CCr- (a2) (b2) = 

1 mod (p-1) (q - 1 ) NS^'a 2 

UlK £:©i#, Em2Ra'Dm2tiEm2 (c) = 
(c)"' mo dN. Rjyi"Dm2 = ( c ) III o d \ 20 

[0 0 3 3 ] 7"a-fe;<BXr-^7"2 0 o^^ej^Si^. c 
c:-cBt^{t7'nH2X>&SMitrMj*&3n.So ;^r-j'7'2 0 
2Kfcl=>r. EmlSOfAml^flati-ri&aa:::.-^; h 1 
1 2 tc j; f) affy -fe-y c ^iSMtsnr Ht^{t-^ 
■fe-yEml (c) = (c) ^ mod N^sfp^n 
S„ :7'n-fe;^tt;^7->;':/2 0 4Mf L.> CCrEml 

(c) ttF7>t^'-^'«- • a:^.;- M 0 4*aLTMl 
*i6B 1 --gfiStlSo h ^^v'-z-i- • J-j:-';; h 1 3 
e^jlLTEml (c) ?:SltK-:>/cf^, B 1 ©Sitilg 30 
gl 4 0tt;^7--;':7"2 0 6t:Em2Ra*Am2^fflC^r 
Eml (c) 4fft-^{tLrfI|^f[:^';'-b-yEm2 (E 
ml (c) ) = ( (c) M mo dN^fP-So 
■fe;^B;>CK;:^r-^7'2 0 8Cc#0. c:c:-CEm2 (Em 
1 (c) ) J&^B 1>&^6M1 K^P.^'So ;^KXr f7"2 

1 0 tCfel^T. Bl/5^P.Em2 (Eml (c) ) ^-gt^t 
m-otc^&. Ml(Dmm=L::.y h 1 1 2BtfriB©a;cAm 

2 (^tf^or/l-d' yXA) ?:ffli.^rEm2 (Eml 
(c))^»BlTS„ (Em2 (Em 1 (c) ) ) ^''^ 

= ( ( (c) M t:*S„ fl^en/cDml (E 40 

m2 (Em 1 (c) ) ) B (c) mod 

mmu v^-'jEm2 (c) t,cm,i\ 

[0 0 3 4] 'AiC. :^7'y7'2 1 2Ktel,^r. MIOF 
• a::,-:, M 0 4 BBf-^fty -fe-i^E m 
2 (c) ^B 1 icmi>. '-XiC. ■^7'2 1 4fC*jU 
r , B 1 ©ftljfja::: M 3 8 BHilMfilB 1 4 2 

OrEm2 (c)^B2 ©tIJfflJa::. h 1 3 0 fCilS„ 
C©^ fis-tJKBf-^lftSnrC^S©-:?, CtlBS^i"^ 
affC$)?,„ ;XtcXr-:.7*2 1 6tc*}(,^-r. B2©f|sljffll 

H 3 0^aL.rEm2 (c) ^^WIRofcfi, 50 



h^^v—^-i- • a::.-^ H 1 2 8BEm2 (c) ^M2 
Xr->7'2 18-CEm2 (c) ttM20MS 
gl 3 2rDm2SO'Am2^fflt,irS?gSnrDm2 

(Em2 (c) = ( (c) ") " modN, BPi^Dm 
2 (Em2 (c) ) = CJ&Sf'^^n.S, C©i^M2B« 
KiS^a^-;^ -fe- c ^SWK -:> fc C i fc S , 

[0 0 3 5 ] :$:||B^©ffi©S|]5I^Jt:i*. >';^7"A 1 0 0 
tCtel^r 1 ■-3©:i.-1f-5&i6ffe©:3--1f"fcy y-fe-i^ 

y y ©SK^ i aft 0 r L ^ ?.sifijf icm^nxm 
tt. aft*!? -3Tt,^sftk©ti'rn©i>f--f 7^ -f-oBf 

[0 0 3 6] -tetc, c:©|ejfif?ijt:tj. §#tt^MxK 

Bi#f t+ - E m X i fii^ + - D m X i ASf Ij t3 6 tl 
6. Dmx«#<ijMx(c^l^t:©*a6fi'S„ '>XrA 
1 0 0©#att^BxK«Ht^{b=^^-"Eb xi^^+- 
Db xi>&SfJO^-r<E.tl-S„ DbxtJatftMBxfCteli 

MMxR?>'att^By©ffiKO>PfKol,^r, DmxEb 
yBE b y Dmxtc^L < iSWntfnc6^cl^„ 

[ 0 0 3 7 ] Ml ©^-1f "*^11Sffiif3im ^ 
c ^ M 2 © 1f ^ CC^^ C i ^- lig/v CC ^ <i i L> , aft 
y -te-i^ c «M 1 icj: i) E m 1 WOArn 1 ^/^^l^tBf 
^IbStir^ ■^'■fe-^yEm 1 (c) ^^f'pen.S. Mitt 
C©Eml (c) ^i:zy7sTA(0mtmBicm^, ^© 
fS. Stt^BUiEb iSf^'Ab l^ffll^TEml 

(c) ^Hf-^fbL-ry ■:;-fe-iJE b 1 (Eml (c)) 
^{^"0, Jin^Ml iXtCMl BDm ISO'A 1 

^ffll^TE b 1 (Eml ( c) ) ^mmt^. Dm 1 E 
b 1 = D b 1 Em 1 -t;*^©T:\ Dm 1SC/A2 ^ffll^ 
r E b 1 ( E m 1 ( c ) ) ?:»|gn-r S i E b 1 (c) ffi 
f#6nS„ MlBC©Eb 1(c) ^BlfciiS„ Ml 
ttC©H$.c&rB ltciELl,^Eb 1 (c) ^31^1*-©^ 
--tf-r&iOffSo B IttDb ISCfAb 1 ^i?3l^rE 
bl (c) ^PKUrc^f'FSo ^vKBltt. i/Xf-A 
^aur. :3r"1f"M2*ifegLTI,^aiii^?:«iI^5 
a{fi^B2{Cc*jJ^-S>„ ^X(CB2iM2i©ra-cam-pf 
y-k-iy c WM 1 i B 1 i©W-C©Kji{Coli-ca-<fc 
©i^<IDaKBt^{[:5nf#^5&s, C©J»^. B2. E 
b 2 . D b 2 &UA b 2 /O^M 1 , Eml. D m 1 St>*A 
mlCCf-t;t)f3. M2. Em2, Dm2&C/Am2*iB 
K E b K D b 1 RUA b 1 KftfoS. 

[ 0 0 3 8 ] H 3 ^#M-r S i . *^HJ3©SIW!l©afi 
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■So m3(D■^&nm^i^-^x. m i o^Kimm i t^mm 
M2 ioraroBf^ity -^-fe-yKiilcoii^^&iJiB^-r^ 

;b=fyXA^1gffiL> B lSD^B2BRSAT;l'd^•;X 
w'M 2 imtm -cffili $ ti s R s A r ;i' n y X A ^ffifls 

[0 0 3 9 ] #8tlJfMy© + "IimEmy. Dmytt^ 10 

t>(Dr;>=f';XAt!«. st/?$nfcitN?:ffli,^-r2o 
cD«iS[pSc^q3i^SJ?S4i. cf:-epxq = N-e$)0, 

p = 4kl+3-C*f:), q=4k2 + 3-e$)0, klR 

^•q \mmcmfcntj:i-)mmhtj:l.\ EmyaEmx 

(c) = (c) ' mod NiSaSti, DMyttDM 
y (c) =0" ''mod Ni^a^tl^,, DMy 

(c) -&cfC'3l^-r||?<fcJt)tC, mxi=± 
qCp*i)/4 ^ -^j^-^ X 2 = ± c"*"''- ?rmcir?3fiji: 20 

= c mod p, Jkl)^. x'=c mod 
W<o 2-o©fflaS.C)^b*5ap + bq= 1-C*I>C<!:3&5 
^tl^-ofcUhU. UmAc^" =bqxl + apx2 
mod mcX^ c^m^^fi-rcbifi-C^^. 

[0 04 0] aift^xfc-^uro^-MifcEbxsy^D 
A) omm^m^rmnt^ctifi^^h. rsat 
ccrp xq = Nr3feSo ;XKftko2o©fgaxS:cFb 

x*5Sil?5n. CCr (a x) (bx)=l mod 30 
(p-1) (q - 1 ) E b xSCf-D b xtt, E 

bx(c) = (c)"' mod N, Dbx=(c)'"' 
mod NiS»§n.5„ CO^ii^ilT'tt. B 1 

ONBM2K^gffl$n'SNCC^H^„ ^nSSfK, Dml 

E b 1 = E b 1 Dm 1 -J^ff^^SfcTO/Jji^MCCJ^c 
■5„ D m 1 E b 1 = E b 1 D m 1 U , fi-^ 

Dm2 E b 2 = E b 2 Dm2ri.§PI0K, N©ft!l©ffl 

C-C'Bf#|b-7'n-teX*i|Flji&$n.S„ 'Xf<C-X7-"j-7"i 0 2 
-e, afty y-fe-i^cttMlO^ilJ.;::-;, H 1 2r'E 
mlR(>'Aml4fflt,^-CHt-^{t$n. Bf-^ft^ -^^ -fe-i^ 
Eml(c) = (c)'mod N*Sfpe.n.S„ i^KX 
f->7'3 0 4K#ffL, dd-CEml (c)Kh7>>' 

Xr f7'3 0 6-C\ h^^v—/^-- • aj^ i- M 3 
B^MUrEml ( c ) ^St^lRofcfl, BlBEbl 
S£>'Ab l^mv^-CEml (c) ^Bg^^tUT, Bf-^|{t 
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mod N4ff§„ 7"D-feXB;j^tcXri'-7'3 0 8tc^ 
tfL-, C:C:-eEm2 (Eml (c) ) [tV "yyiy-ri- 

• 3.--? M 3 6^aL.rMl:^:>6B KCji^nSo 
fC, Xf-y:7'3 1 OJCfct^r, ^7>i'-/^'- • 

F 1 0 4^aLTB l*:>6Em2 (Eml (c) ) ^r-^ 
^m-^fc^k. mabfc J: 5 KM 1 (Dmm:^:^ M 1 2 
«DmlRD''5t;>©T;l'3'JXA^;Ht<^rEb 2 (E 
ml (c) ) ^SlSt-rSo Eb2(Eml(c))) 
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[57] ABSTRACT 

A method for sending a secure message in a telecommuni- 
cations system using public encryption keys. A sending 
transceiver encrypts the message c using the sender's own 
pubKc encryption key Ex to generate Ex(c), and, transmits 
the encrypted message Ex(c) to a receiving transceiver. The 
receiving transceiver then encrypts the encrypted message 
Ex(c) using the encryption key Ey of the intended receiver 
of the message to generate the message Ey(Ex(c)), and, 
transmits the message Ey(Ex(c)) back to the sending trans- 
ceiver. The sending transceiver then decrypts the message 
Ey(Ex(c)) using sender's private decryption key to generate 
Dx(Ey(Ex(c)))=Ey(c), and, transmits the message Ey(c) 
back to the receiving transceiver. The receiving transceiver 
then either decrypts the message using its own decryption 
key Dy, if it is the intended receiver of the message, to 
generate Dy(Ey(c))=c, or, forwards the message on to the 
intended receiver of the message, if it is not the intended 
receiver of the message, where the intended receiver 
decrypts the message using its own decryption key Dy. 

10 Claims, 2 Drawing Sheets 
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METHOD FOR SENDING A SECURE 
MESSAGE IN A TELECOMMUNICATIONS 

SYSTEM 

FIELD OF THE INVENTION 5 
This invention relates to encryption techniques for tele- 
communications systems and, more particularly, to an appa- 
ratus and method for sending a secure message in a tele- 
communications system using public encryption keys. 

10 

BACKGROUND OF THE INVENTION 
Advances in telecommunications systems technology 
have resulted in a variety of telecommunications systems 
and services being available for use. These systems include 
cellular telephone networks, personal communications 
systems, various paging systems, and various wireline and 
wireless data networks. Cellular telephone networks cur- 
rently in use in the United States include the AMPS analog 
system, the digital lS-136 time division multiplexed 
(TDMA) system, and the digital IS-95 digital code division 
multiplexed (CDMA) system. In Europe the Global Services 
for Mobile (GSM) digital system is most widely used. These 
cellular systems operate in the 800-900 Mhz range. Personal 
communications systems (PCS) are also currently being 
deployed in the United States. Many PCS systems are being 
developed for the 1800-1900 MHz range, with each based 
on one of the major cellular standards. 

In each of the above mentioned telccommunicalions 
systems, it may often be desirable for the operators of the ^ 
system to provide secure communications to users of the 
system. This may include sending a secure message between 
two mobile stations operating in the system. In many cases 
the message may be a text message of finite length, such as 
a text message. 

In analog systems, such as AMPS, it is very difficult to 
provide security for communications. The analog nature of 
the signals carrying the communication between two users 
(.Iocs not pcriuit easy or efEcient encryption. In fact, in 
standard AMPS, no encryption is used and communications 4Q 
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being detected. The possibility of interception has been one 
negative factor connected with analog systems such as 
A^4PS. Because of this potential for interception, AMPS 
type systems have not been favored for c 
governmental uses, where sending a se( 
requirement. 50 

The newer digital systems such as GSM, IS-136, and 
IS-95 have been developed so as to include encryption 
services for communications privacy. The digital nature of 
the speech or data signals carrying the communications 
between two users in these digital systems allows the signals 55 
to be processed through an encryption device to produce a 
communications signal that appears to be random or pseu- 
dorandom in nature, until it is decrypted at an authorized 
receiver. When it is desired to send a secure message in .such 
a system, the encryption feature of the system can be used eo 
to encrypt the message. As an example, the short message 
service (SMS) feature specified in these standards could be 
used to send a text message that is encrypted according to 
the system encryption algorithm. 

In the GSM, lS-136, and IS-95 systems, the encryption is 65 
performed on message transmissions between each user and 
the system by using a secret key value, "private key", where 



the key is known only to the system and the user commu- 
nicating wdth the system. The system standards under con- 
sideration for PCS networks may also include encryption 
services that are based on the encryption techniques speci- 
fied in the digital standard from which a particular PCS 
standard is derived, i.e., GSM, IS-136, or IS-95. 

In GSM the system operator controls the secrurity process 
by issuing a subscriber identity modul6(SIM) to each system 
user The SIM is a plug-in chip or card that must be inserted 
into a mobile station that a user intends to make or receive 
calls through. The SIM contains a 128 bit number called the 
Ki that is unique for each user. The Ki is used for both 
auttienlicalioii and deriving an encryption key. In GSM a 
challenge and response procedure is used to authenticate 
each user and generate encryption bits from Ki for the user. 
The challenge and response procedure may be executed at 
the discretion of the home system. 

When a GSM mobile is operating in its home system, 
after Ihe user has identified himself by sending in his 
international mobile system identity/temporary mobile sys- 
tem identities(IMSI/TMSI), a 128-bit random number 
(RAND) is generated in the system and combined with the 
mobile user's Ki to generate a 32-bit response (SRES). The 
system then transmits RAND to the mobile which, in turn, 
computes its own SRES value from the mobile user's Ki, 
and transmits this RAND back to the system. If the two 
SRES values match, the mobile is determined to be authen- 
tic. Encryption bits for communications between the mobile 
and systems are generated in both the mobile and network by 
algorithms using RAND and Ki to produce an encryption 
key "Kc". Kc is then used at both ends to provide secure 
communications. When a GSM mobile is roaming, the 
RAND, SRES and Kc values are transferred to a visited 
system upon registration of the user in the visited system or, 
upon a special request from a visited system. The Ki value 
is never available other then in the home system and the 
user's SIM. 

The IS-136 and IS-95 authentication and encryption pro- 
cedures are identical to each other and, similar to the GSM 
authentication and encryption procedures. In IS-136 and 
IS-95 systems a challenge response method is also utilized. 
The IS-136 and IS-95 method utilizes a security key called 
the"A-key".The 64-bit A-key for each mobile is determined 
by the system operators. I'he A-key for each mobile is stored 
in the home system of the mobile's owner and in the mobile 
itself. The A-key may be initially communicated to the 
mobile ovraer in a secure manner, such as the United States 
mail. The owner can then enter the A-key into the mobile via 
the keypad. Alternately, the A-kcy may be programmed into 
the mobile station at the factory or place of service. The 
A-key is used to generate shared secret data(SSD) in both of 
the mobile and the home system from a predetermined 
algorithm. SSD for each mobile may be periodically derived 
and updated from the A-key of that particular mobile by use 
of an over the air protocol that can only be initiated by the 
home system operator. 

In IS-136 and IS-95 authentication and encryption, a 
32-bit global challenge is generated and broadcast at pre- 
determined intervals within systems in the sendee area of 
the mobile. When a mobile attempts system registration/call 
setup access in the home system, the current global chal- 
lenge response is used to compute, in the mobile, an 18-bit 
authentication response from the mobile's SSD. An access 
request message, including the authentication response and 
a call count value for the mobile, is then sent to the home 
system from the mobile. Upon receiving the access request 
the home system will compute its own response value using 
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the global challenge and the mobile's SSD. If the mobile is 
verified as authentic, by comparison of the authentication 
responses, the mobile's SSD and other relevant data, includ- 
ing the call count value, the mobile is registered. 

When a mobile attempts system registration/call setup 
access in a visited system, the current global challenge 
response is used to compute, in the mobile, the 18-bit 
authentication response from the mobile's SSD. An access 
request message is then sent to the visited system from the 
mobile. For initial registration accesses in a visited system, 
the access request message includes the authentication 
response computed in the mobile. The authentication 
response and global challenge are then sent to the home 
system of the mobile, where the home system wiU compute 
its own response value using the global challenge and the 
mobile's SSD. If the mobile is verified as authentic, by 
comparing the authentication responses, the mobile's SSD 
and other relevant data, including the call count value, is 
then sent to the visited system and the mobile is registered. 
When a call involving the mobile is setup, a current authen- 
tication response value and caU count are sent to the system 
from the mobile along with the call setup information. Upon 
receiving the call setup information, the visited system 
retrieves the stored SSD and call count values for the 
requesting mobile. The visited system then computes an 
authentication response value to verify that the the received 
SSD value and the current global challenge produce the the 
same response as that produced in the mobile. If the authen- 
tication responses and call counts match, the mobile is 
allowed call access. If communications security is desired, 
an encryption key is produced in both the mobile and system 
by using the global challenge and the mobile's SSD as input 
to generate encryption key bits. 

Further background for such techniques as those used in 
GSM and, the lS-136 and lS-95 systems may be found in the 3 
article "Techniques for Privacy and Authentication in Per- 
sonal Communications Systems" by Dan Brown in IEEE 
Personal Communications, dated August 1995, at pages 
6-10. 

While the above described private key procedures used in 4 
the GSM, IS-136 and lS-95 systems provide communica- 
tions security, none of these procedures is entirely immune 
to interception and eavesdropping. All of the procedures 
require that a user's A-key or Ki value be known both in the 
mobile station and home system. They also require that the 4 
user's SSD or Kc value be known at both ends of the 
communications link, i.e., in the system and in the mobile. 
Each of these values could potentially be corrupted and 
become known to a potential interceptor . An mdi\'idual 
knowing the Ki or A-key of a user, or an individual who 5 
intercepts the Kc or SSD of the user in intersystem 
, could potentially intercept and eavesdrop 

connected through a base station of a system could be 
breached at the base station. 

Public key encryption methods are methods in which a 
user is assigned a encryption key that is public, i.e., may be 6 
known and revealed publicly, but is also assigned a private 
decryption key that is known only to the user. Only an 
intended receiving user's decryption key can decrypt a 
encrypted message meant for the intended receiving user, 
i.e., decrypt a message encrypted using the intended receiv- 6 
ing user's encryption key. In a pubHc key encryption tele- 
n system, the user would be allowed to keep 



the decryption key to himself, away from base stations or the 
system. Since the key necessary for decrjrpting a message is 
known only to the receiving user, public key encryption 
methods could provide more secure communications than 
5 are obtainable with the current encrvption techniques being, 
used in, for example, GSM, lS-136, or lS-95. 

In a cellular system using conventional public key 
encryption, if a mobile station X were to send a encrypted 
message to mobile station Y, mobile station X is required to 
1" know both the public encryption key for mobile station Y 
and, the algorithm that must be used with the encryption key 
of mobile station Y. It would also be required that Mobile X 
be capable of performing the encryption of the message 
using mobile station Y's encryption key and algorithm. 
15 These requirements of conventional pubUc key encryption 
may present some difficulties or not be quite optimal for use 
in cellular systems in certain situations. 

One diflicully in using public key encryption techniques 
is that the calculations involved in encryption and decryp- 
tion may require much more in the way of computational 
resources then is required by private key systems. In a 
mobile station such computational resources may be Kmited. 
The requirements on resources may be even greater if two 
mobile station users desire to exchange a message securely, 
with each user using a different encryption/decryption algo- 
rithm. This could be the case, for example, when a roaming 
mobile station enters a system in which the system operator 
has implemented his own unique algorithm that is different 
from the roaming mobile station's home system's algorithm. 
In this case, each particular mobile station would be required 
to be capable of performing encryption with the other user's 
algorithm and, decryption with that particular mobile station 
user's algorithm. Such a requirement could be difficult to 
meet, for example, if the algorithm used for encryption 
■'^ required more computational resources then were available 
in the mobile station performing the encryption. Also, the 
code and data for performing particular algorithms would 
have to be stored in each mobile station or transmitted to the 
mobile station prior to commencement of encryption, cre- 
ating further demands on mobile station computational 

Another potential difSculty in using pubUc key encryption 
techniques in a cellular system involves the requirement that 
the sending mobile station should know the encryption key 
of the receiving mobile station in order to assure that the 
message is only available to the sending or receiving mobile 
stations. In certain public key encryption techniques the 
encryption keys may each be very large, possibly a sequence 
of numbers, and it may be difficult to store encryption keys 
for all potential receiving mobile stations in a single mobile 
station. It may also be difBcult to transmit the key of a 
receiving mobile station to a sending mobile station on an as 
needed basis, for example during call setup, if the key is very 

SUMMARY OF THE INVENTION 

The present invention provides a method for sending a 
secure message in a telecommunications systems using 
] public key encryption. The method is implemented in such 
a way that a particuiar user's decryption key is known only 
at the Iransceiving device of the particular user. The method 
is also implemented so that the transceiving device of the 
particular user needs only be capable of using that particular 
> user's encryption/decryption algorithm and encryption key. 
This is done by using a particular sequence to exchange 
messages between two transceiving devices. The method 
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avoids security problems associated with using private key 
methods and, also allows each mobile station to be able to 
perform only its own public key encryptioa'decryption 
algorithm. The method does not require that a transceiving 
device be able to perform encryption using the encryption . 
key and algorithm of an intended receiver transceiving 
device as in conventional public key encryption. Computa- 
tional resources in a transceiving device can therefore be 
optimized for one particular algorithm. 

The method may be useful in providing highly secure, j 
short message ser^fice (SMS) teleservices when a secure 
message is exchanged between two mobile stations or a 
mobile station and a cellular network, with each mobile 
station or the network using a different encryption/ 
decryption algorithm. Hie method may also be useful in j 
exchanging private keys between two communicating 
mobile stations or, a mobile station and a network, so that 
less computationally intensive private key algorithms may 
be used for longer communications, such as voice transmis- 
sion. Additionally, the method may be used to transmit a ^ 
secure authentication signature from one mobile station to 
another mobile station or network. 

In an embodiment of the invention, a method for point to 
point encryption of a message exchanged between two users 
is implemented into a telecommunications system having at 2 
least one base station and a pluraUty of mobile stations. In 
the point to point embodiment, no decryption is performed 
in the base stations of the system. A user of mobile station 
Ml is assigned a publicly known (known to the system) 
encryption key Eml and a decryption key Dml that is 3 
known only at mobile station Ml (the terms "encryption key 
Emx" and "decryption key Dmx" will be used herein to refer 
to both the algorithm and key values used in the algorithm, 
i.e., Emx is the encryption/decryption algorithm using the 
encryption key values and Dmx is the encryption/decryption 3 
algorithm using the decryption key values). Another system 
user of mobile station M2 is assigned a publicly known 
encryption key Em2 and a decryption key Dm2 that is 
known only at tnubilc station M2, where DmlEm2= 
Em2Uml. Dmlbm2=Em2Uml sets the restriction that ^ 
applying Dml first to a message and then applying Em2, is 
the same as applying Em2 first and then Dml to the 
message. Only Ml knows Dml and only M2 knows Dm2. 
Also, Ml needs only to know Eml and Mi's particular 
encryption/decryption algorithm (Al) and, M2 needs only 4 
know Em2 and M2's particular encryption algorithm(A2). 
When a user having mobile station Ml desires to send a 
a user of mobile station M2, the 
c is encrypted at Ml using Eml and Al to 
generate a message Eml(c). Ml then sends Eml(c) to a base 5 
station Bl of the system. The base station Bl then encrypts 
Eml(c) using Eni2 and A2 to generate the message Em2 
(Eml(c)) and sends it back to Ml. Em2(Eml(c)) is next 
decrypted at Ml using Dml and Al. Since DiiilEm2= 
Em2Dml, decrypting Em2(Eml(c)) using Dml results m s 
Em2(c). Ml then sends Em2(c) to Bl. Bl now sends Em2(c) 
to base station B2 that controls the area where mobile station 
M2 is located. Em2(c) is next sent to mobile station M2 and 
decrypted by mobile station M2 usina Dm2 ana A2 to 
generate the communication c sent by mobile station Ml to 1- 
mobile station M2. 

In another embodiment of the invention, a method ot 
non-point to point encryption of communications between 
two mobile stations may be implemented into a telecc)m- 
munications system. A system user ol mobile station Ml is e 
assigned a publicly known (known to the system) encrypUon 
key Eml and a decryption key Dml that is known only at 



;r of mobile 



mobile station Ml. Ml uses a encryption/decryption algo- 
rithm Al. Another system user of mobile station M2 is 
assigned a publicly known encryption key Em2 and a 
decryption key Dm2 that is known only at mobile station 
M2. M2 uses a encryption decryption algorithm A2. Also, 
each base station Bx of the system is assigned a publicly 
known encryption key Ebx and a decryption key Dbx thai is 
known only to base station Bx. Each base station also 
performs eucryptioii, decryption according to an algorithm 
Abx. The keys are chosen so that for any pair of a base 
station Bx and mobile station Mx which 11: 
with each other, DmxEbx=EbxDmx. 

In this embodiment, when user having mobile si 
desires to send a secure communicatio 
station M2, the communication c is encrypted at Ml using 
Eml and Al to generate a message Eml(c). Ml then sends 
Eml(c) to a base station Bl of the system. The base station 
Bl then encrypts Eml(c) using Ebl and Abl to generate the 
message Ebl(Eml(c)) and sends it back to Ml. Ebl(Eml 
(c)) is next decrypted at Ml using Dml and Ami. Since 
DmlEb2=Eb2Dml, decrypting Ebl(Eml(c)) using Dml 
results in Ebl(c). Ml then sends Ebl(c) to Bl. Bl then 
decrypts Ebl(c) using Dbl and Abl to generate c and, sends 
c to a base station B2 that controls the area where mobile 
station M2 is located. The communication c between B2 and 
M2 may then be encrypted in an identical manner to that 
described for the transfer between Ml and Bl, with B2, Eb2, 
Db2 and Ab2, in place of Ml,Eml,Dml and Ami, and, M2, 
Em2, Dm2 and Am2, in place of Bl,Ebl,Dbl and Abl. 

BRIEF DESCRIPTION OF THE DRAWINGS 
A more complete understanding of the method of the 
present invention may be had by reference to the following 
detailed description when read in conjunction with the 
accompanying drawings wherein: 

FIG. 1 illustrates a block diagram of a telecommunica- 
tions system constructed according to an embodiment of the 



FIG. 2 is a flow diagram showing process steps performed 
to provide point to point encryptea communications within 
a telecommunications system according to an embodiment 
of the invention; and 

FIG. 3 is a flow diagram showing process steps performed 
to provide non point to point encrypted c 
within a telecommunications system accordin 
embodiment of the invention. 



FIG. 1 illustrates a block diagram of a telecommimica- 

tions system 100 constructed according to an embodiment of 
the invention. System 100 comprises base stations Bl and 
B2 1 ill ieiet\ rk 142 ind m bile Mituns Ml nd M2. 
Although shown to include two base stations and two mobile 
St IS s\ sen 100 mi\ c-impiise mire ir less hise stations 
or mobile stations then are shown in FIG. 1. The mobile 
stations Ml and M2 mav be mobile telephones that provide 
speech communications between a user ot Ml or M2, and 
another mobile telephone or. between the user and a land 
line telephone connected to landline network 142. Mobile 
stations Ml and M2 mav also be any other type of mobile 
communications device capable of operatine according to 
the system standard lor system KM), such as a personal 
communications device or a laptop computer operating 
through a wireless modem. Landline network 142 may be a 
pubUc switched telephone network(PSTN) or a private land- 
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line network for system 100 that includes mobile switching 
centers for controUing call routing, registration and hand-off 
of a mobile from one base station to another in system 100. 
In system 100, mobile stations Ml and M2 may move about 
the coverage area of system 100 while communicating with < 
the base stations of system 100 through RF hnks. In FIG. 1, 
mobile stations Ml and M2 are shown to be communicating 
with base stations Bl and B2, respectively, over RF hnks 
144 and 146, respectively. System 100 may operate accord- 
ing to any telecommunications system standard that pro- ^ 
vides a digital interface over the RF Unks between mobile 
stations Ml and M2, and base stations Bl and B2. The 
design and operation of digital telecommunications systems 
is known and will not be described in detail here. System 
100 may be implemented in any number of ways. For 
example, the digital RF interface in system 100 may operate 
according to a standard similar to the Telecommunications 
Industry Association/Electronic Industry Association (TIE/ 
EIA) IS-136, 18-95, and PCS 1900 standards or the Euro- 
pean GSM standard. ^ 
Mobile station Ml includes a transceiver unit 104 coupled ' 
to an antenna 102 for receiving radio signals from, and for 
transmitting radio signals to, base stations of system 100. 
Mobile staiion Ml includes a user interface 108, which 
could be a computer keyboard or a mobile telephone handset j 
with a keypad, microphone and earpiece. Control unit 106 in 
mobile station Ml controls RF channel selection and other 
system functions in the conventional manner and, a logic 
unit 112 controls the general operation of the mobile station. 
Logic unit 112 may also be utilized to implement and 3 
perform encryption and decryption functions used for com- 
munications security. Display 110 provides a general visual 
interface to the u.ser of mobile station Ml and is under 
control of logic unit 112. Mobile station M2 includes trans- 
ceiver unit 116, user interface 120, control unit 118, logic 3 
unit 124, and display 122, each having the function as 
described for the corresponding section of mobile station 
Ml. 

Base station Bl includes a transceiver unil 136 coupled to 
antenna 134 for receiving radio signals from and, transmit- 4 
ting radio signals to mobile stations. Bl also includes control 
unit 138 and processor 140. Control unit 138 controls RF 
channel selection and assignment by generating the appro- 
priate control messages to mobile stations, and also controls 
other necessary system functions such as interfacing with 4 
landline network 142. Processor 140 may be utilized to 
implement and perform encryption and decryption functions 
used for communications security. Rase station R2 includes 
transceiver unit 128, antenna 126, control unit 130 and 
processor 132, each having the function as described for the 5 
corresponding section of base station Bl. 

In an embodiment of the invention an encrypted message 
may be passed from one user to another user in system 100, 
without the message being decrypted along the path from 
user to user. I'he message may only be decrypted by the 5 
intended receiver. The embodiment may be used to provide 
point to point communications between any two points in 
the system, including between two mobile stations, between 
a base station and a mobile station, and, between a mobile 
station and an appropriately equipped landUnc subscriber a 
station. 



rally. 



e point to point message t: 
each mobile station Mx of system 100 is assigned a publicly 
known encryption key Emx and a decryption key Dmx that 
is known only at mobile station Mx. For any two mobile 1 
stations Ml and M2 desuing to communicate, DmlEm2 
must equal Em2Dml. However, the encryption algorithms 



used by each of Ml and M2 may be different. When the user 
of MSI desires to send a secure communication c to a user 
of MS2, the communication c is encrypted at MSI using 
Eml and Ami to generate an encrypted message Eml(c). 
MSI then sends Eml (c) to base station Bl of the system. 
The base station Bl then encrypts Eml (c) using Em2 and 
Am2 to generate the message Em2(Eml(c)) and sends it 
back to MSI. MSI next decrypts Em2(Eml(c)) using Dml 
and Ami. Since DmlEm2=Em2Dml, decrypting Em2(Eml 
(c)) using Dml results in Em2(c). MSI then sends Em2(c) 
to Bl. Bl now sends Em2(c) to base station B2 that controls 
the area where MS2 is located. Em2(c) is next sent to MS2 
and decypted by MS2 using Dm2 and Am2 to generate the 
decrypted communication c sent by MSI to MS2. 

Referring now to FIG. 2, therein is illustrated a flow 
diagram showing process steps performed to provide point 
to point encrypted communications within a telecommuni- 
cations system according to an embodiment of the invention. 
As an iUustrative example, the case of a encrypted message 
transfer between mobile station Ml and mobile station M2 
of FIG. 1 will be used to describe the process, with Ml using 
the the Rabin algorithm and, M2 using the Rivest, Shamir 
and Adleman (RSA) algorithm. Abackground description of 
the Rabin algorithm is given in the book "Cryptography, 
Theory and Practice" by Stinson, published by CRC, 1995, 
at pages 143-148. A detailed description of the RSA algo- 
rithm is given in the book "Digital Money" by Lynch et al., 
pubhshed by John Wiley and Sons, 1996, at pages 76-86. 

The key functions Eml and Dml for mobile station Ml 
may be chosen according to the Rabin critieria. In the Rabin 
algorithm, for this example, two prime numbers p and q are 
chosen using a selected predefined number N, where pxq=N, 
and p=4ki+3, and, q=4k,+3, and where kj and kj are 
constants. N may be publicly known, while p and q must be 
kept private. Eml is defined as Eml(c)=(c)-mod N and, 
DM1 is defined as DMl(c)=c' " mod N, where c is the 
message to be transmitted. To solve DMl(e) for c' the 
equations x-=c mod p, and, x-=c mod q, are solved using the 
solutions, =±c'-''*^^''', and, X2=±c'''*^^''*. If two values a and 
b are found such that ap+bq=l,lh6n c^'^ can be found by the 
equation c^^^=bqx-,+apx2 mod N. 

The key functions Em2, Dm2, for mobile station M2 may 
be chosen according to the Rivest, Shamir and Adleman 
(RSA) criteria. In RSA Iwo(large) prime numbers p and q are 
first selected, where pxq=N. In this embodiment, N for M2 
equals the N used for Ml. This simplifies meeting the 
condition that DmlEm2=Dm2Eml. However other values 
of N could be used as long as DmlEm2=Em2Dml. Two 
other values, a2 and b2, are then chosen, where (a2)(b2)=l 
mod (p-l)(q-l). N and a2 may be public, and b2 must be 
kept private. Em2 and Dm2 are then defined as Em2(c)=(c) 
"~ mod N, and, Dm2 =(c)''* mod N. 

The process starts at step 200 where the encryption 
process is initiated in Ml. At step 202, communication c is 
encrypted by logic unit 112 using Eml and Ami, to generate 
the encrypted message Eml(c)=(C)' mod N. The process 
then moves to step 204 where Eml(c) is transmitted through 
transceiver unit 104 from Ml to Bl. After receiving Eml(c) 
through transceiver unit 136, processor 140 of Bl encrypts 
tml(c) at step 206, using Em2 and Am2, to generate the 
encrypted message Em2(Eml(c))=((c) )" mod N. The pro- 
cess then moves to step 208 where Em2(Eml(c)) is sent 
back to Ml from Bl. Next at step 210, after receiving 
Em2(Eml(c)) from Bl, logic unit 112 of Ml decrypts 
Em2(Eml(c)) using Am2(the Rabin algorithm) as described 
before. (Em2(Eml(c)))^'^=(((c)^)"-)^". The generated mes- 
sage Dml(Em2(Eml(c))) then equals (c)"^ mod N, or the 
encrypted message Em2(c). 



Next, at step 212, transceiver unit 104 of Ml sends the 
encrypted message Em2(c) to Bl. Next, at step 214, control 
unit 138 of Bl then sends Em2(c) through landline network 
142 to control unit 130 of B2. Since the message is 
encrypted, this is a secure communication. Next at step 216, 5 
after receiving Em2(c) through control unit 130 of B2, 
transceiver unit 128 sends Em2(c) to M2. At step 218 
Em2(c) is decrypted in logic unit 124 of M2 using Dm2 and 
Am2 to generate Dm2(Em2(c)=((c)"-)''- mod N, cr, Dm2 
(Em2(c))=c. M2 now has received the decrypted communi- 10 



In another embodiment of the invention, a non-point to 
point method is used to transfer a message from one user to 
another user in system 100. In this embodiment the message 
is decrypted at the base station in communication with the 15 
sending user. The message is then sent to the base station in 
communication with the receiver of the message and 
encrypted for transmission to the receiver of the message. In 
this embodiment, each of the communicating mobile sta- 
tions or base stations need only know its own encryption key 20 
and encryption/decryption algorithm. The communicating 
entities need not know or be able to perform the encryption 
algorithm of any of the other communicating entities. 

Generally, in this embodiment each mobile station Mx is 
assigned an encryption key Emx and a decryption key Dmx. 
Dmx is known only at mobile station x. Each base station Bx 
of system 100 is assigned an encryption key I.bx and a 
decryption key Dbx. Dbx is known only at base station Bx. 
For any pair of mobile and base stations Mx and By desiring 
to communicate with each other, DmxEby must equal Eby- 
Dmx. 

When user of Ml desires to send a secure communication 
c to a user of M2, the communication c is encrypted by Ml 
using Eml and Ami to generate a message Eml(c). Ml then 
sends Eml(c) to base station Bl of the system. The base 
station Bl then encrypts Eml(c) using Ebl and Abl to 
generate the message EI)l(Ern 1(c)) and sends il back lo Ml. 
Ml next decrypts EbI(Eml(c)) usmg Dml and Al. Since 
DmlEbl=DblEml, dccrvpling Ebl(Eml(c)) using Dml 
and A2 results in Ebl(c). Ml then sends Ebl(c) to HI. .Ml 
can be the only user who sends the correct Ebl(c) to HI at 
this point. Bl now decrypts Ebl(c) using Dbl and Abl to 
generate c. Bl next sends c through the system to base 
station B2 that controls the area where user M2 is located. 
The communication c between B2 and M2 may then be 
encrypted in an identical manner to that described for the 
transfer between Ml and Bl, with B2, Eb2, Db2 and Ab2, 
in place of Ml,Eml,Dml and Ami, and, M2, Em2, Dm2 
and Am2, in place of Bl,Ebl,Dbl and Abl. 

Referring now to FIG. 3, therein is illustrated a flow 
diagram showing process steps performed to provide non- 
point to point encrypted communications vwthin a telecom- 
munications system according to an embodiment of the 
invention. The flow diagram of FIG. 3 can be used to 55 
describe an illustrative example, describing the case of a 
encrypted message transfer between mobile station Ml and 
mobile station M2 of FIG. 1. In this example. Ml and M2 
use the Rabin algorithm and Bl and B2 use ihe RSA 
algorithm. The process used in FIG. 3 prevents mobiles Ml 
and M2 from having to perform the RSA algorithm used by 
the base stations. 

The key functions Emy, Dmy, for mobile station My may 
be chosen according to the Rabin criteria. In the Rabin 
algorithm for this example, two prime numbers p and q are 65 
chosen using a selected number N, where pxq=N, and 
p=4ki+3, and, q=4k2+3, and where k^ and kj are 
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N may be publicly known, and p and q must be kept private. 
Emy is defined as Emx(c)=(c)^ mod N and, DMy is defined 
as DMy(c)=c"^ mod N. To solve DMy(c) for c, the equa- 
tions x'=c mod p, and, x^=c mod q, are solved using the 
solutions, x^_^J''*^^''^,dLnd, X2=±c'^''*^^'"*.If two values a and b 
are found such that ap+bq=l, then c can be found by the 
equation c^''^=bqXi+apx2 mod N. 

The key fimctions Ebx and Dbx for base station x may be 
chosen according to the Rivest, Shamir and Adleman(RSA) 
criteria. In RSA two(large) prime numbers p and q are first 
selected, where pxq=N. Two other values, ax and bx, are 
then chosen, where (axXbx) =1 mod (p-l)(q-l). Ebx and 
Dbx are then defined as Ebx(c)-(c)'" mod N, and, Dbx 
=(c)'" mod N. In this embodiment, N for Bl equals the N 
used for Ml and, N for B2 equals the N used for M2. This 
simpUfles meeting the condition that DmlEbl=EblDml. 
However other values of N could be used as long as 
DmlEbl=EblDml and, Dm2Eb2=Eb2Dm2. 

The process starts at step 300 where the encryption 
process is initiated. Next at step 302, communication c is 
encrypted at logic unit 112 of Ml using Eml and Ami, to 
generate the encrypted message Eml(c)=(c)^ mod N. The 
process then moves to step 304 where Eml(c) is transmitted 
through transceiver unit 104 from Ml to Bl. At step 306, 
after receiving Eml(c) through transceiver uit 136, Bl 
encrypts Eml(c) using Ebl and Abl, to generate the 
encrypted message Ebl(Eml(c))=((c)^)°' mod N. The pro- 
cess then moves to step 308 where Em2(Eml(c)) is sent 
back through transceiver unit 136 to Ml from Bl. Next, at 
step 310, after receiving Em2(Eml(c)) from Bl through 
transceiver imit 104, logic tmit 112 of Ml decrypts Eb2 
(Eml(c)) using Dml and Rabin's algorithm, as described 
before. ^b2(Eml(c)))^'^=(((cf )°^)''^. The generated mes- 
sage Dml(Eb2(Eml(c))) then equals (c)"^ mod N, or the 
cncyptcd message Eb2(c) 

Next, at step 312, Ml sends the encrypted message Ebl(c) 
is sent to Bl through transceiver unit 104 and, at step 314 
processor unit 140 of Bl then decrypts Ebl(c) using Dbl to 
generate Dbl(Ebl(c)=((c)'"i)''i mod N=c. After the commu- 
nication c is decrypted at processor 140 Bl the process 
moves to step 316 where the communication c is sent from 
cnntnil iinii 13S nfliasc station Bl through landline network 
142 to control unit 130 base station H2. llie transmission of 
cominuuication c between B2 and M2 may then be per- 
formed in an identical manner to that described for the 
transfer between Ml and Bl. This is illustrated by steps 
318-330, which are identical to steps 302-314 with B2, Eb2, 
Db2 and Ab2, in place of Ml,Eml,Dml and Ami, and, M2, 
Em2, Dm2 and Am2, in place of Bl,Ebl,Dbl and Abl. 

The teachings of this invention should not be construed to 
be Hmited for use only with the telecommunications stan- 
dards described, and should be construed to include any 
similar systems. Furthermore, other encryption algorithms 
than those expressly disclosed above may be employed to 
practice this invention. 

Tlius, the invention has been particularly shown and 
describer with respect to preferred embodiments thereof, 
and it will be understood by those skilled in the art that 
changes in form and details may be made without departing 
from the spirit and scope of the invention. 

What is claimed is: 

1. In a telecommunications system having at least one 
base station and a plurality of mobile stations, a method for 
sending a seciu^e message, said method comprising the steps 
of; 

assigning each mobile station a decryption key and an 
encryption key, wherein each encryption key is public; 
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encrypting a first message at a first mobile station using 

the encryption key of said first mobile station to gen- 
erate a second message; 
transmitting said second message iiom said first mobile 

station to said at least one base station; 5 
encrypting said second message at said at least one base 

station, using the encryption key of a second mobile 

station, to generate a third message; 
transmitting said third message from said at least one base 

station to said first mobile station; 
decrypting said third message at said first mobile station, 

using the decryption key of said first mobile station, to 

generate a fourth message; 
transmitting said fourth message from said first mobile 15 

station to said at least one base station; 
transmitting said fourth message from said at least one 

base station to said second mobile station; and 
decrypting said fourth message at said second mobile 

station using the decryption key of said second mobile ^ 

station to regenerate said first message. 

2. The method of claim 1, wherein the decryption key and 
encryption key of said first mobile station and the decryption 
key and encryption key of said second mobile station arc 
configured so that applying the encryption key of said 
second mobile station to a communication to obtain a first 
result, and then applying the decryption key of said first 
mobile station to the first result to obtain a final result, are 
equivalent in effect to applying the decryption key of said 
first mobile station to said communication to obtain a second ^ 
result, and then applying the encryption key of said second 
mobile station to said second result to obtain said final result. 

3. The method of claim 1, wherein said steps of encrypt- 
ing and decrypting at said first mobile station are performed 
according to a first algorithm, and said steps of encrypting 
at said base station and decrypting at said second mobile 
station are performed according to a second algorithm. 

4. The method of claim 3, wherein said first algorithm 
comprises an RSAtype algorithm and said second algorithm 
comprises a Rabin type algorithm. ''^ 

5. The method ol claim 3, wherein said first algorithm 
comprises an Raisin type aliiorilhm and said second algo- 
rithm comprises a RSA type algorithm. 

6. In a telecommunications system, an apparatus for 
sending a secure message, said apparatus comprising: 

a first mobile station, assigned a first decryption key and 
a first encryption key, said first mobile station for 
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encrypting a first message using said first encryption 
key to generate a second message, transmitting the 
second message on an air interface, receiving a third 
message on said air interface, decrypting the third 
message using said first decryption key to generate a 
fourth message, and transmitting the fourth message on 
said air interface; 

a base station, said base station for receiving the second 
message on said air interface, encrypting the second 
message using a second encryption key to generate the 
third message, transmitting the third message on said 
air interface to said first mobile station, receiving the 
fourth message on said air interface from said first 
mobile station, and transmitting a fifth message on said 
air interface, wherein the fifth message includes the 
fourth message; and 

a second mobile station, assigned a second decryption key 
and said second encryption l^cy, said second mobile 
station for receiving the filth message on said air 
interface from said base station and decrypting the 
fourth message iiicludud in the fifth message, using said 
second decryption key, 

7. The apparatus of claim 6, wherein said first encryption 
key and said first decryption key and said second encryption 
key and said second decryption key are configured so that 
applying said second encryption key to a communication to 
obtain a first result, and then applying said first decryption 
key to the first result to obtain a final result are equivalent in 
eft'ect to applying said first decryption key to said commu- 
nication to obtain a second result, and then applying said 
second encryption key to said second result to obtain said 
final result. 

8. The apparatus of claim 7, wherein encrypting and 
decrypting at said first mobile station are performed accord- 
ing to a first algorithm, and encrypting at said base station 
and decrypting at said second mobile station are performed 
according to a second algorithm. 

9. The apparatus of claim 8, wherein said first algorithm 
comprises an RSA-type algorithm and said second algorithm 
comprises a Rabin-type algorithm. 

10. The apparatus of claim 8, wherein said first algorithm 
comprises a Rabin-type algorithm and said second algorithm 
comprises an RSA-type algorithm. 
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